Senior Application Security Engineer

  • Washington, DC
  • Posted 22 days ago | Updated 1 hour ago

Overview

On Site
Contract - Independent

Skills

Senior Application Security Engineer

Job Details



Position: Senior Application Security Engineer


Location: Washington DC (Hybrid)


Job Type: 3 months contract - Possible extension




Job description:


Role: Senior Application Security Engineer



Client seeks a skilled professional to assist with Application Security Engineering. We are interested in candidates with a strong development background and sizable exposure to Cybersecurity functions and environments. Additionally, we value experience and adaptability to rapidly changing tools and technologies.



Required:
* 7+ years of overall hands-on technical experience in software development Java or Python or similar stacks.
* 5+ years of secure coding practices, security controls and DevSecOps experience
* 4+ year of vulnerability management risk scoring such as CVSS, CVE and related schema and scoring concepts.
* 3+ years of experience orchestrating risk and control-related resolutions across a diverse set of departments
* Experienced in co-ordination with technical and non-technical stakeholders.

Preferred:
* Hands-on Reporting and dashboards exp using any of the reporting tools such as PowerBI, MicroStrategy.
* Scripting and automation experience (Ansible, Terraform)
* Experience with AWS cloud or other public cloud offerings
* Knowledge of OWASP
* Certifications in the area of CyberSecurity (CISSP, CISM, CEH, OSCP etc.,)

Responsibilities & Qualifications:
* Collaborate with central vulnerability tooling teams to contribute to program maturation in support of vulnerability management activities.
* Provide information security consultation for aspects of security reviews, risk remediation, and secure coding practices.
* Collaborate and consult with peers, colleagues, and teams resolve issues and achieve goals.
* Coordinate with vendors on third party to leverage product capabilities and customize them to meet the requirements.
* Work closely with leadership, infrastructure, product development, and DevOps team members to assess risk, develop options, and implement solutions.
* Interact with Technical teams on threat attack vectors, risks, and related analysis details.
* Knowledge of common networking ports and protocols, application security, and common security elements
* Using REST API to fetch data from security vendor tools using python or other such scripting.
* Experience and good understanding of configuration and troubleshooting the WAFs, Load balancers and API gateways.
* Able to understand security and actively contribute to them for the newer projects both on cloud and on-prem.
* Experience in technical writing/editing, to create or review/edit technical security documentation.





Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.


Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit to learn more.


Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.


About Dexian DISYS